A Transfer Learning Approach to Unveil the Role of Windows Common Configuration Enumerations in IEC 62443 Compliance

Abstract

Industrial control systems (ICS) depend on highly heterogeneous environments where Linux, proprietary real-time operating systems, and Windows coexist. Although the IEC 62443-3-3 standard provides a comprehensive framework for securing such systems, translating its requirements into concrete configuration checks remains challenging, especially for Windows platforms. In this paper, we propose a transfer learning methodology that maps Windows Common Configuration Enumerations (CCEs) to IEC 62443-3-3 System Security Requirements by leveraging labeled Linux datasets. The resulting labeled dataset enables automated compliance checks, analysis of requirement prevalence, and identification of cross-platform similarities and divergences. Our results highlight the role of CCEs as a bridge between abstract standards and concrete configurations, advancing automation, traceability, and clarity in IEC 62443-3-3 compliance for Windows environments.